Overview

overview

7

Static

static

1

999网址导航.htm

windows7-x64

3

999网址导航.htm

windows10-2004-x64

3

SkyDriveSetup.exe

windows7-x64

7

SkyDriveSetup.exe

windows10-2004-x64

7

�...��.htm

windows7-x64

3

�...��.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08-10-2024 23:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ذ˵.htm

  • Size

    3KB

  • MD5

    3a7e9e5ad3c30b81eafe94c577728cd2

  • SHA1

    1003c4d73fd36da952aa21c78d156c46cc236846

  • SHA256

    a8e5c8ca6d0f3136561d7eed75bea2117f5fa9ea4611e37d544ef97b5dd031cc

  • SHA512

    30734810ce2d71183c05d80ad751d786c0800799fdbb273e563585611d4178a31bc90674b31ec27771c0795705c8992c79f2ac5dde416df2825338794a6a3971

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ذ˵.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2120

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c36a5806c87841698f94bba703f05baa

    SHA1

    d4e9d487547d84cd32a181f4e6f5380c165c7d30

    SHA256

    6c7cd0eaae3e7518dc09ad7e662846eebe6eaef43df3f4b26946b17510eb7022

    SHA512

    98388ac455bcb795fb40804cffd01277d1a6576c81c72515d6ba358b4d02c762c0738444990ce39d14804790417fb42332be1a47d46a3a2a851aa97329e9c643

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3eb8949e4cd027cb434c2594028af3a9

    SHA1

    6f8990e5954aa6f5640cb6be3e9cdab54dbd9880

    SHA256

    76fd9862c9978e6ac2fb340cd8354972de12e342fd2592d4b4d25616fec615d0

    SHA512

    7e3d35ebc8e85c59af06106defc6d0e15e5a022835b196804e297cda9efdb8d2122e1bfd0ad76ade8356858419b77d0fa22006bf42d1bf8af543a01faa2833c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c495e46ae730215e2e4eec8bc354ad1

    SHA1

    9cede78395854464bffb6af4cf67cf8f322d118b

    SHA256

    478cd491036aacef8426eb15fa07a1bfcefbc3ee93dae3396ef0f7bd0b2a05bd

    SHA512

    7c5e51663a49748247ec0851561f6ca2d58258cc273e5699b7f61e3e9ea7c205e7a1f5ba35728677b0c234d6864873d17b36a83654378f2a416ce8b8d9d8c1c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbbcda642e028fdeb93b3bda338d93e8

    SHA1

    e63b01a634407a3156642e2f9c80d1ca5073f671

    SHA256

    e29b82503bce3a2a3194ed549c7ce38bf5b6e92496edc184f33d7735d92dd034

    SHA512

    245a2780c8e046fd31e89793a01aceb2533a86679593d653c198f459e533dc311044e06d5fe1103e8ac46205dd5e28ec69c12cbb37eea0f6962bf01266fc02a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0137df06b86af241c4338e4bdda42d67

    SHA1

    9a0fa359e927ce700ebb10db06885f126209f39a

    SHA256

    681b427a1dcde3c2047fe41c55fad1615281b03887156c6e1344fa6a55ad4c77

    SHA512

    90c943c09f3bb0902bcf51f601ee501e4a4a80d0a444e3a77cf3323d627af5d299cfcd8b1dafab84bdddf456df0b94e6088079008cafff797c13fe1fc7ba151f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3d08b7bcfa1ca785be28f7eade09bb2

    SHA1

    836e8c99734e4210a77ef6eef4663adbf03363b2

    SHA256

    6ac9fbb3bb433a873175870c12c3832cdc25b576021ed2db2bb22c262061d6cf

    SHA512

    83e717cba3efc9dc92235d06d81ce55717f11a857487e3de8a3bcf0c5e601f2127310663cab85c7af70001c5a77b34a75614d1064f3baf112ccf11d653232b52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49fedda5a987c8e132806090574e03d2

    SHA1

    f5e22808aeb135258d816c4e89ef38b90f63c58e

    SHA256

    a7a51dcd5fd16ffc198c7230eb8f5e165a2eaa22c3d519748c5785d66c7236f8

    SHA512

    720d3cc2571e29208172b808a37b09b7a162a85c720956e8552dc3b683e1f1ea7cd1c412ff575bcc6eba97a6ba42bafaebf23aa8c75a4f36590f83e37f287cd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a13c28a7882d0e29edfceb0b37d95bca

    SHA1

    72dcd1125486bb26f86e07024eb0723508367793

    SHA256

    5487c6f57526ad556cf3351770a721e731be101ca6f23fe798ae23ba15f6105a

    SHA512

    bc1a581647cc4c45af21ec74efd7a46c2eebfab296bf5512566d5fd6655cecc8af5cb18055ee718764ec873810587ca27d4fcd272f1b6fb2b7f96aa016b6e936

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3e0f874ac658d340d72847b4d2208cb

    SHA1

    ea12d3e659f5b99c14e74278c077020cea759a44

    SHA256

    fdcfe5ddbb408115c9f03ad1f7d0b408630b080f9c2d55f1560330ba450f31d2

    SHA512

    6327264b834c6e84b5eef4969b1b8d9797d2c0e66bcec02bc8bd42228d218c23c5dd06c8e2c83f638705b9512d755e9fc9645996ee1686453630a44667d7d85c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dddd132cec65edb9c56cce071c114fad

    SHA1

    efacad9e1c5f6858cb78a2dce9dd88943de47d31

    SHA256

    a97ccaeb82356a3aeca21dd1722241075710940d7e5ee44e291f01e40efc6b62

    SHA512

    9ef7377b97b540494f9bdd1db4923a99921670fe8f2fa15d2bb1339cf55b80aa6c84ba2791bb842457adae9272d4744573eb712fb60881110600e099763d5dfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a87b482fc33c4d833ea0b8da90b8f71

    SHA1

    c32423909fc868a750acfb076f5b81e9a3029dca

    SHA256

    9dd252e611fc30d799cf69bcb83b81600c66ad8cc495cbb556d55c84fcfd4efa

    SHA512

    afea58d708429f6030b274489d2327c61bdd150df4320fcb52757f8c720898e933dfe4ac0034ee0809e2c9d9e92bb9f6309a1d633c370be03a31b62351cee1ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6dc43100aef1d8392488969f32e77b88

    SHA1

    a57e54bc221a013ef8e6f7db56888e4bbc2e5b74

    SHA256

    973ad729c8f0039590f9a9830092bb972df81874fd253787cd2062308b446817

    SHA512

    86adc5d0fd7c0d07ddd0147fa80d933c07bf83ee21562a584446b74923889324ddfed17f3da0c86568337a6c1b64e733c919c0f65f8970fbf18f4e9c78552e83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fadce1dc71ec8ae2e21ae993973aa80

    SHA1

    c7a850a6b35de32d45acf24f7fb3da16fbe57476

    SHA256

    80fa95df5fff0d378e99464a9fa159c00b346d986c535e9326040ddf7c8ed705

    SHA512

    aca935e08c08e14605e4e2dfb412f5c3f9353b9add66888189777a1f25d4cec6e27560d5d906711822a178d001a2787fb96fac5a2a673640e208fc6cdaa4f6c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00a67c56e7d8b743b4682e7b3be6be2f

    SHA1

    c7bffb0dea7fab1d34bdeeb9a56c89c6d6ae1229

    SHA256

    b8c06133a2ac071f628f45d78e808d08eabf00b6f8b889f5de7af892c67868e2

    SHA512

    6f8cba753aadc29970574ab4a7791a952769c4468e6a710811c88b2d370228e7c380ae9a15366ca0c5ae189b245827c14358787258add5e53a9b19bc788f5100

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a996c993d357c3d63361685239f00d34

    SHA1

    c4193c8aacca329b783da55e5b4a24bc409ac0ae

    SHA256

    b251162214062bd33d74edf088f7648323381c80ae680365d410e0b5f6c6ca74

    SHA512

    2a83b6b0affc0c1b1864eb02f8e2419556352d705607ccd87fc53eb74fcde5f021772226a370254acbb0a47a07dde08ef26689a3ffeb0905993dc45a4aa29afa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f37fbcd4658c897f973b2e839e6186d5

    SHA1

    0f54c7f60a64a317387e541f1f0f2b55cc1b8c09

    SHA256

    0101f44ab565f4a65c7b2387983995227cbfc3ca66944f226dd482e082806405

    SHA512

    d1638747d8797318896bfd2d0f4450612eebf52dcaa33a5d568eca2d1594c7c7c90fe8f0a823adefae127533079d813551d7c1daa237c40169443f247b79721e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abd7a3acd9367ff89db1e3917c43b57c

    SHA1

    0ddc9fcec7591be2db96dcbb6ecd34531b9e6496

    SHA256

    a996ba52f05ff9d8072ad2adb95cc4c389d5405dae4528861112a5babd0a3cc9

    SHA512

    47fb69fe6c2d21e8ef88cddc25649e1814deb40b9bfe440784ad4a6d4cdb9eee8c8b701b8a5a42839dffa87e89eebcf6b23e78b33fdd488148b5e1b219a54e5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9dc086693f5fab6ebf9389b38a18ce5

    SHA1

    2c25ae7ae6a696ed065213ad1cd6067598fab85b

    SHA256

    728589588383c5ac1f540867553084097478b9a679388562024928592f5cd2e1

    SHA512

    cc636661570bb7cb4656ec73f749c5f418ab82d01b8a4dc6be8925c7cb1523404d90102cf292b24ab784aae0fe458c9192c4a2a266abbe23575f52225a2345fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcfeaad939773e142fe3e87ec0d31599

    SHA1

    06fd3313883702e03016f7b8ad4a5d3dde1e08ac

    SHA256

    aea42a32ea18e869625bbb2d75777a42b9d71c19498a043b5cae8d3f97719430

    SHA512

    bd4a80a8ec7c7f0c6a64bd469a9783d707526304909784a084954ae1a74c9742b3e07fd2e9303b1ec751b4dfa6752878c73e130464d4002bbf3eb781e171409d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC69C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC6FD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit